Bad Beowulfs &c

Rob Nelson ronelson at vt.edu
Sun May 14 05:02:32 PDT 2000


>appropriate systems.  I'm sure that there are some network admin types on this 
>list, so it seems reasonable to ask this question: how many of you can 
>honestly say that you *always* keep fully updated with *all* the security 
>procedures that you should have in place?  How far behind do you sometimes 
>get?  Of course, I'm not asking anyone out there to reveal any really 
>dangerous secrets about their systems.

Never :) We never keep caught up. At best, we're a day behind, at worst
we're years behind. The essential problem is that patches come out for
programs you don't need, then 6 months later you start using that program.
The vendors seem pretty lax in informing you about holes that were
discovered months before. That's where we get hurt.

Also, WRT vbs scripts, there's no way to stop the luser from clicking on it,
plain and simple. We'll never stop that.

Rob Nelson
ronelson at vt.edu





More information about the Beowulf mailing list